From 71c534afeeeb24c5b41c27e290aa26fb32064f0e Mon Sep 17 00:00:00 2001 From: Tom Date: Sun, 17 Mar 2024 11:55:31 +0000 Subject: [PATCH 1/4] feat: remove unnecessary `mulmod`s from verifier --- .../sol/src/ultra/BaseUltraVerifier.sol | 287 +++++------------- 1 file changed, 80 insertions(+), 207 deletions(-) diff --git a/barretenberg/sol/src/ultra/BaseUltraVerifier.sol b/barretenberg/sol/src/ultra/BaseUltraVerifier.sol index 507e644e794..a9dfa4fa632 100644 --- a/barretenberg/sol/src/ultra/BaseUltraVerifier.sol +++ b/barretenberg/sol/src/ultra/BaseUltraVerifier.sol 
@@ -2094,345 +2094,218 @@ abstract contract BaseUltraVerifier { // accumulator = accumulator + accumulator_2 success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - // VALIDATE Q1 - { - let x := mload(Q1_X_LOC) - let y := mload(Q1_Y_LOC) - let xx := mulmod(x, x, q) - // Verification key fields verified to be on curve at contract deployment - mstore(0x00, x) - mstore(0x20, y) - } + // ACCUMULATE Q1 + + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, mload(Q1_X_LOC)) + mstore(0x20, mload(Q1_Y_LOC)) mstore(0x40, mload(C_V7_LOC)) // accumulator_2 = v7.[Q1] success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) // accumulator = accumulator + accumulator_2 success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - // VALIDATE Q2 - { - let x := mload(Q2_X_LOC) - let y := mload(Q2_Y_LOC) - let xx := mulmod(x, x, q) - // Verification key fields verified to be on curve at contract deployment - mstore(0x00, x) - mstore(0x20, y) - } + // ACCUMULATE Q2 + + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, mload(Q2_X_LOC)) + mstore(0x20, mload(Q2_Y_LOC)) mstore(0x40, mload(C_V8_LOC)) // accumulator_2 = v8.[Q2] success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) // accumulator = accumulator + accumulator_2 success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - // VALIDATE Q3 - { - let x := mload(Q3_X_LOC) - let y := mload(Q3_Y_LOC) - let xx := mulmod(x, x, q) - // Verification key fields verified to be on curve at contract deployment - mstore(0x00, x) - mstore(0x20, y) - } + // ACCUMULATE Q3 + + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, mload(Q3_X_LOC)) + mstore(0x20, mload(Q3_Y_LOC)) mstore(0x40, mload(C_V9_LOC)) // accumulator_2 = v9.[Q3] success := and(success, 
staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) // accumulator = accumulator + accumulator_2 success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - // VALIDATE Q4 - { - let x := mload(Q4_X_LOC) - let y := mload(Q4_Y_LOC) - let xx := mulmod(x, x, q) - // Verification key fields verified to be on curve at contract deployment - mstore(0x00, x) - mstore(0x20, y) - } + // ACCUMULATE Q4 + + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, mload(Q4_X_LOC)) + mstore(0x20, mload(Q4_Y_LOC)) mstore(0x40, mload(C_V10_LOC)) // accumulator_2 = v10.[Q4] success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) // accumulator = accumulator + accumulator_2 success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - // VALIDATE QM - { - let x := mload(QM_X_LOC) - let y := mload(QM_Y_LOC) - let xx := mulmod(x, x, q) - // Verification key fields verified to be on curve at contract deployment - mstore(0x00, x) - mstore(0x20, y) - } + // ACCUMULATE QM + + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, mload(QM_X_LOC)) + mstore(0x20, mload(QM_Y_LOC)) mstore(0x40, mload(C_V11_LOC)) // accumulator_2 = v11.[Q;] success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) // accumulator = accumulator + accumulator_2 success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - // VALIDATE QC - { - let x := mload(QC_X_LOC) - let y := mload(QC_Y_LOC) - let xx := mulmod(x, x, q) - // Verification key fields verified to be on curve at contract deployment - mstore(0x00, x) - mstore(0x20, y) - } + // ACCUMULATE QC + + mstore(0x00, mload(QC_X_LOC)) + mstore(0x20, mload(QC_Y_LOC)) mstore(0x40, mload(C_V12_LOC)) // accumulator_2 = v12.[QC] success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) // accumulator = 
accumulator + accumulator_2 success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - // VALIDATE QARITH - { - let x := mload(QARITH_X_LOC) - let y := mload(QARITH_Y_LOC) - let xx := mulmod(x, x, q) - // Verification key fields verified to be on curve at contract deployment - mstore(0x00, x) - mstore(0x20, y) - } + // ACCUMULATE QARITH + mstore(0x00, mload(QARITH_X_LOC)) + mstore(0x20, mload(QARITH_Y_LOC)) mstore(0x40, mload(C_V13_LOC)) // accumulator_2 = v13.[QARITH] success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) // accumulator = accumulator + accumulator_2 success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - // VALIDATE QSORT - { - let x := mload(QSORT_X_LOC) - let y := mload(QSORT_Y_LOC) - let xx := mulmod(x, x, q) - // Verification key fields verified to be on curve at contract deployment - mstore(0x00, x) - mstore(0x20, y) - } + // ACCUMULATE QSORT + mstore(0x00, mload(QSORT_X_LOC)) + mstore(0x20, mload(QSORT_Y_LOC)) mstore(0x40, mload(C_V14_LOC)) // accumulator_2 = v14.[QSORT] success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) // accumulator = accumulator + accumulator_2 success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - // VALIDATE QELLIPTIC - { - let x := mload(QELLIPTIC_X_LOC) - let y := mload(QELLIPTIC_Y_LOC) - let xx := mulmod(x, x, q) - // Verification key fields verified to be on curve at contract deployment - mstore(0x00, x) - mstore(0x20, y) - } + // ACCUMULATE QELLIPTIC + mstore(0x00, mload(QELLIPTIC_X_LOC)) + mstore(0x20, mload(QELLIPTIC_Y_LOC)) mstore(0x40, mload(C_V15_LOC)) // accumulator_2 = v15.[QELLIPTIC] success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) // accumulator = accumulator + accumulator_2 success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - // VALIDATE QAUX 
- { - let x := mload(QAUX_X_LOC) - let y := mload(QAUX_Y_LOC) - let xx := mulmod(x, x, q) - // Verification key fields verified to be on curve at contract deployment - mstore(0x00, x) - mstore(0x20, y) - } + // ACCUMULATE QAUX + mstore(0x00, mload(QAUX_X_LOC)) + mstore(0x20, mload(QAUX_Y_LOC)) mstore(0x40, mload(C_V16_LOC)) // accumulator_2 = v15.[Q_AUX] success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) // accumulator = accumulator + accumulator_2 success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - // VALIDATE SIGMA1 - { - let x := mload(SIGMA1_X_LOC) - let y := mload(SIGMA1_Y_LOC) - let xx := mulmod(x, x, q) - // Verification key fields verified to be on curve at contract deployment - mstore(0x00, x) - mstore(0x20, y) - } + // ACCUMULATE SIGMA1 + mstore(0x00, mload(SIGMA1_X_LOC)) + mstore(0x20, mload(SIGMA1_Y_LOC)) mstore(0x40, mload(C_V17_LOC)) // accumulator_2 = v17.[sigma1] success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) // accumulator = accumulator + accumulator_2 success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - // VALIDATE SIGMA2 - { - let x := mload(SIGMA2_X_LOC) - let y := mload(SIGMA2_Y_LOC) - let xx := mulmod(x, x, q) - // Verification key fields verified to be on curve at contract deployment - mstore(0x00, x) - mstore(0x20, y) - } + // ACCUMULATE SIGMA2 + mstore(0x00, mload(SIGMA2_X_LOC)) + mstore(0x20, mload(SIGMA2_Y_LOC)) mstore(0x40, mload(C_V18_LOC)) // accumulator_2 = v18.[sigma2] success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) // accumulator = accumulator + accumulator_2 success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - // VALIDATE SIGMA3 - { - let x := mload(SIGMA3_X_LOC) - let y := mload(SIGMA3_Y_LOC) - let xx := mulmod(x, x, q) - // Verification key fields verified to be on curve at contract 
deployment - mstore(0x00, x) - mstore(0x20, y) - } + // ACCUMULATE SIGMA3 + mstore(0x00, mload(SIGMA3_X_LOC)) + mstore(0x20, mload(SIGMA3_Y_LOC)) mstore(0x40, mload(C_V19_LOC)) // accumulator_2 = v19.[sigma3] success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) // accumulator = accumulator + accumulator_2 success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - // VALIDATE SIGMA4 - { - let x := mload(SIGMA4_X_LOC) - let y := mload(SIGMA4_Y_LOC) - let xx := mulmod(x, x, q) - // Verification key fields verified to be on curve at contract deployment - mstore(0x00, x) - mstore(0x20, y) - } + // ACCUMULATE SIGMA4 + mstore(0x00, mload(SIGMA4_X_LOC)) + mstore(0x20, mload(SIGMA4_Y_LOC)) mstore(0x40, mload(C_V20_LOC)) // accumulator_2 = v20.[sigma4] success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) // accumulator = accumulator + accumulator_2 success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - // VALIDATE TABLE1 - { - let x := mload(TABLE1_X_LOC) - let y := mload(TABLE1_Y_LOC) - let xx := mulmod(x, x, q) - // Verification key fields verified to be on curve at contract deployment - mstore(0x00, x) - mstore(0x20, y) - } + // ACCUMULATE TABLE1 + mstore(0x00, mload(TABLE1_X_LOC)) + mstore(0x20, mload(TABLE1_Y_LOC)) mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V21_LOC), p)) // accumulator_2 = u.[table1] success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) // accumulator = accumulator + accumulator_2 success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - // VALIDATE TABLE2 - { - let x := mload(TABLE2_X_LOC) - let y := mload(TABLE2_Y_LOC) - let xx := mulmod(x, x, q) - // Verification key fields verified to be on curve at contract deployment - mstore(0x00, x) - mstore(0x20, y) - } + // ACCUMULATE TABLE2 + mstore(0x00, mload(TABLE2_X_LOC)) + 
mstore(0x20, mload(TABLE2_Y_LOC)) mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V22_LOC), p)) // accumulator_2 = u.[table2] success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) // accumulator = accumulator + accumulator_2 success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - // VALIDATE TABLE3 - { - let x := mload(TABLE3_X_LOC) - let y := mload(TABLE3_Y_LOC) - let xx := mulmod(x, x, q) - // Verification key fields verified to be on curve at contract deployment - mstore(0x00, x) - mstore(0x20, y) - } + // ACCUMULATE TABLE3 + mstore(0x00, mload(TABLE3_X_LOC)) + mstore(0x20, mload(TABLE3_Y_LOC)) mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V23_LOC), p)) // accumulator_2 = u.[table3] success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) // accumulator = accumulator + accumulator_2 success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - // VALIDATE TABLE4 - { - let x := mload(TABLE4_X_LOC) - let y := mload(TABLE4_Y_LOC) - let xx := mulmod(x, x, q) - // Verification key fields verified to be on curve at contract deployment - mstore(0x00, x) - mstore(0x20, y) - } + // ACCUMULATE TABLE4 + mstore(0x00, mload(TABLE4_X_LOC)) + mstore(0x20, mload(TABLE4_Y_LOC)) mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V24_LOC), p)) // accumulator_2 = u.[table4] success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) // accumulator = accumulator + accumulator_2 success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - // VALIDATE TABLE_TYPE - { - let x := mload(TABLE_TYPE_X_LOC) - let y := mload(TABLE_TYPE_Y_LOC) - let xx := mulmod(x, x, q) - // Verification key fields verified to be on curve at contract deployment - mstore(0x00, x) - mstore(0x20, y) - } + // ACCUMULATE TABLE_TYPE + mstore(0x00, mload(TABLE_TYPE_X_LOC)) + mstore(0x20, 
mload(TABLE_TYPE_Y_LOC)) mstore(0x40, mload(C_V25_LOC)) // accumulator_2 = v25.[TableType] success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) // accumulator = accumulator + accumulator_2 success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - // VALIDATE ID1 - { - let x := mload(ID1_X_LOC) - let y := mload(ID1_Y_LOC) - let xx := mulmod(x, x, q) - // Verification key fields verified to be on curve at contract deployment - mstore(0x00, x) - mstore(0x20, y) - } + // ACCUMULATE ID1 + mstore(0x00, mload(ID1_X_LOC)) + mstore(0x20, mload(ID1_Y_LOC)) mstore(0x40, mload(C_V26_LOC)) // accumulator_2 = v26.[ID1] success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) // accumulator = accumulator + accumulator_2 success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - // VALIDATE ID2 - { - let x := mload(ID2_X_LOC) - let y := mload(ID2_Y_LOC) - let xx := mulmod(x, x, q) - // Verification key fields verified to be on curve at contract deployment - mstore(0x00, x) - mstore(0x20, y) - } + // ACCUMULATE ID2 + mstore(0x00, mload(ID2_X_LOC)) + mstore(0x20, mload(ID2_Y_LOC)) mstore(0x40, mload(C_V27_LOC)) // accumulator_2 = v27.[ID2] success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) // accumulator = accumulator + accumulator_2 success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - // VALIDATE ID3 - { - let x := mload(ID3_X_LOC) - let y := mload(ID3_Y_LOC) - let xx := mulmod(x, x, q) - // Verification key fields verified to be on curve at contract deployment - mstore(0x00, x) - mstore(0x20, y) - } + // ACCUMULATE ID3 + mstore(0x00, mload(ID3_X_LOC)) + mstore(0x20, mload(ID3_Y_LOC)) mstore(0x40, mload(C_V28_LOC)) // accumulator_2 = v28.[ID3] success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) // accumulator = accumulator + accumulator_2 
success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - // VALIDATE ID4 - { - let x := mload(ID4_X_LOC) - let y := mload(ID4_Y_LOC) - let xx := mulmod(x, x, q) - // Verification key fields verified to be on curve at contract deployment - mstore(0x00, x) - mstore(0x20, y) - } + // ACCUMULATE ID4 + mstore(0x00, mload(ID4_X_LOC)) + mstore(0x20, mload(ID4_Y_LOC)) mstore(0x40, mload(C_V29_LOC)) // accumulator_2 = v29.[ID4] success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) From bd135bcf67dfcd22b84583c5969ca2cbe95d879c Mon Sep 17 00:00:00 2001 From: Tom French Date: Sun, 17 Mar 2024 16:25:02 +0000 Subject: [PATCH 2/4] chore: update contract in `dsl` --- .../barretenberg/dsl/acir_proofs/contract.hpp | 288 +++++------------- 1 file changed, 81 insertions(+), 207 deletions(-) diff --git a/barretenberg/cpp/src/barretenberg/dsl/acir_proofs/contract.hpp b/barretenberg/cpp/src/barretenberg/dsl/acir_proofs/contract.hpp index 18279607dba..1d960c92e64 100644 --- a/barretenberg/cpp/src/barretenberg/dsl/acir_proofs/contract.hpp +++ b/barretenberg/cpp/src/barretenberg/dsl/acir_proofs/contract.hpp 
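Review bot: In the PATCH 1/4 hunk on BaseUltraVerifier.sol, the new `// ACCUMULATE …` blocks should say what actually rejects a malformed point, because the removed `// VALIDATE …` blocks only computed an unused `xx := mulmod(x, x, q)` and the deployment-time check the retained comment refers to is not visible here. As far as I know (EIP-196), the precompile at address 7 fails on a point that is not on the curve, and that failure is folded into `success`. A comment on the first block would cover it, e.g. `// no in-line curve check: VK points are fixed at deployment; ecMul (0x07) fails on an invalid point and clears success`. Whether `success` is finally checked lies outside this hunk, so that should be confirmed. Two context comments in the touched blocks are also stale and could be fixed in the same pass: `// accumulator_2 = v11.[Q;]` (presumably `[QM]`) and `// accumulator_2 = v15.[Q_AUX]` next to `mload(C_V16_LOC)`.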
@@ -2120,345 +2120,218 @@ abstract contract BaseUltraVerifier { // accumulator = accumulator + accumulator_2 success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - // VALIDATE Q1 - { - let x := mload(Q1_X_LOC) - let y := mload(Q1_Y_LOC) - let xx := mulmod(x, x, q) - // Verification key fields verified to be on curve at contract deployment - mstore(0x00, x) - mstore(0x20, y) - } + // ACCUMULATE Q1 + + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, mload(Q1_X_LOC)) + mstore(0x20, mload(Q1_Y_LOC)) mstore(0x40, mload(C_V7_LOC)) // accumulator_2 = v7.[Q1] success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) // accumulator = accumulator + accumulator_2 success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - // VALIDATE Q2 - { - let x := mload(Q2_X_LOC) - let y := mload(Q2_Y_LOC) - let xx := mulmod(x, x, q) - // Verification key fields verified to be on curve at contract deployment - mstore(0x00, x) - mstore(0x20, y) - } + // ACCUMULATE Q2 + + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, mload(Q2_X_LOC)) + mstore(0x20, mload(Q2_Y_LOC)) mstore(0x40, mload(C_V8_LOC)) // accumulator_2 = v8.[Q2] success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) // accumulator = accumulator + accumulator_2 success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - // VALIDATE Q3 - { - let x := mload(Q3_X_LOC) - let y := mload(Q3_Y_LOC) - let xx := mulmod(x, x, q) - // Verification key fields verified to be on curve at contract deployment - mstore(0x00, x) - mstore(0x20, y) - } + // ACCUMULATE Q3 + + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, mload(Q3_X_LOC)) + mstore(0x20, mload(Q3_Y_LOC)) mstore(0x40, mload(C_V9_LOC)) // accumulator_2 = v9.[Q3] success := and(success, 
staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) // accumulator = accumulator + accumulator_2 success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - // VALIDATE Q4 - { - let x := mload(Q4_X_LOC) - let y := mload(Q4_Y_LOC) - let xx := mulmod(x, x, q) - // Verification key fields verified to be on curve at contract deployment - mstore(0x00, x) - mstore(0x20, y) - } + // ACCUMULATE Q4 + + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, mload(Q4_X_LOC)) + mstore(0x20, mload(Q4_Y_LOC)) mstore(0x40, mload(C_V10_LOC)) // accumulator_2 = v10.[Q4] success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) // accumulator = accumulator + accumulator_2 success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - // VALIDATE QM - { - let x := mload(QM_X_LOC) - let y := mload(QM_Y_LOC) - let xx := mulmod(x, x, q) - // Verification key fields verified to be on curve at contract deployment - mstore(0x00, x) - mstore(0x20, y) - } + // ACCUMULATE QM + + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, mload(QM_X_LOC)) + mstore(0x20, mload(QM_Y_LOC)) mstore(0x40, mload(C_V11_LOC)) // accumulator_2 = v11.[Q;] success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) // accumulator = accumulator + accumulator_2 success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - // VALIDATE QC - { - let x := mload(QC_X_LOC) - let y := mload(QC_Y_LOC) - let xx := mulmod(x, x, q) - // Verification key fields verified to be on curve at contract deployment - mstore(0x00, x) - mstore(0x20, y) - } + // ACCUMULATE QC + + mstore(0x00, mload(QC_X_LOC)) + mstore(0x20, mload(QC_Y_LOC)) mstore(0x40, mload(C_V12_LOC)) // accumulator_2 = v12.[QC] success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) // accumulator = 
accumulator + accumulator_2 success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - // VALIDATE QARITH - { - let x := mload(QARITH_X_LOC) - let y := mload(QARITH_Y_LOC) - let xx := mulmod(x, x, q) - // Verification key fields verified to be on curve at contract deployment - mstore(0x00, x) - mstore(0x20, y) - } + // ACCUMULATE QARITH + mstore(0x00, mload(QARITH_X_LOC)) + mstore(0x20, mload(QARITH_Y_LOC)) mstore(0x40, mload(C_V13_LOC)) // accumulator_2 = v13.[QARITH] success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) // accumulator = accumulator + accumulator_2 success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - // VALIDATE QSORT - { - let x := mload(QSORT_X_LOC) - let y := mload(QSORT_Y_LOC) - let xx := mulmod(x, x, q) - // Verification key fields verified to be on curve at contract deployment - mstore(0x00, x) - mstore(0x20, y) - } + // ACCUMULATE QSORT + mstore(0x00, mload(QSORT_X_LOC)) + mstore(0x20, mload(QSORT_Y_LOC)) mstore(0x40, mload(C_V14_LOC)) // accumulator_2 = v14.[QSORT] success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) // accumulator = accumulator + accumulator_2 success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - // VALIDATE QELLIPTIC - { - let x := mload(QELLIPTIC_X_LOC) - let y := mload(QELLIPTIC_Y_LOC) - let xx := mulmod(x, x, q) - // Verification key fields verified to be on curve at contract deployment - mstore(0x00, x) - mstore(0x20, y) - } + // ACCUMULATE QELLIPTIC + mstore(0x00, mload(QELLIPTIC_X_LOC)) + mstore(0x20, mload(QELLIPTIC_Y_LOC)) mstore(0x40, mload(C_V15_LOC)) // accumulator_2 = v15.[QELLIPTIC] success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) // accumulator = accumulator + accumulator_2 success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - // VALIDATE QAUX 
- { - let x := mload(QAUX_X_LOC) - let y := mload(QAUX_Y_LOC) - let xx := mulmod(x, x, q) - // Verification key fields verified to be on curve at contract deployment - mstore(0x00, x) - mstore(0x20, y) - } + // ACCUMULATE QAUX + mstore(0x00, mload(QAUX_X_LOC)) + mstore(0x20, mload(QAUX_Y_LOC)) mstore(0x40, mload(C_V16_LOC)) // accumulator_2 = v15.[Q_AUX] success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) // accumulator = accumulator + accumulator_2 success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - // VALIDATE SIGMA1 - { - let x := mload(SIGMA1_X_LOC) - let y := mload(SIGMA1_Y_LOC) - let xx := mulmod(x, x, q) - // Verification key fields verified to be on curve at contract deployment - mstore(0x00, x) - mstore(0x20, y) - } + // ACCUMULATE SIGMA1 + mstore(0x00, mload(SIGMA1_X_LOC)) + mstore(0x20, mload(SIGMA1_Y_LOC)) mstore(0x40, mload(C_V17_LOC)) // accumulator_2 = v17.[sigma1] success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) // accumulator = accumulator + accumulator_2 success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - // VALIDATE SIGMA2 - { - let x := mload(SIGMA2_X_LOC) - let y := mload(SIGMA2_Y_LOC) - let xx := mulmod(x, x, q) - // Verification key fields verified to be on curve at contract deployment - mstore(0x00, x) - mstore(0x20, y) - } + // ACCUMULATE SIGMA2 + mstore(0x00, mload(SIGMA2_X_LOC)) + mstore(0x20, mload(SIGMA2_Y_LOC)) mstore(0x40, mload(C_V18_LOC)) // accumulator_2 = v18.[sigma2] success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) // accumulator = accumulator + accumulator_2 success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - // VALIDATE SIGMA3 - { - let x := mload(SIGMA3_X_LOC) - let y := mload(SIGMA3_Y_LOC) - let xx := mulmod(x, x, q) - // Verification key fields verified to be on curve at contract 
deployment - mstore(0x00, x) - mstore(0x20, y) - } + // ACCUMULATE SIGMA3 + mstore(0x00, mload(SIGMA3_X_LOC)) + mstore(0x20, mload(SIGMA3_Y_LOC)) mstore(0x40, mload(C_V19_LOC)) // accumulator_2 = v19.[sigma3] success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) // accumulator = accumulator + accumulator_2 success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - // VALIDATE SIGMA4 - { - let x := mload(SIGMA4_X_LOC) - let y := mload(SIGMA4_Y_LOC) - let xx := mulmod(x, x, q) - // Verification key fields verified to be on curve at contract deployment - mstore(0x00, x) - mstore(0x20, y) - } + // ACCUMULATE SIGMA4 + mstore(0x00, mload(SIGMA4_X_LOC)) + mstore(0x20, mload(SIGMA4_Y_LOC)) mstore(0x40, mload(C_V20_LOC)) // accumulator_2 = v20.[sigma4] success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) // accumulator = accumulator + accumulator_2 success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - // VALIDATE TABLE1 - { - let x := mload(TABLE1_X_LOC) - let y := mload(TABLE1_Y_LOC) - let xx := mulmod(x, x, q) - // Verification key fields verified to be on curve at contract deployment - mstore(0x00, x) - mstore(0x20, y) - } + // ACCUMULATE TABLE1 + mstore(0x00, mload(TABLE1_X_LOC)) + mstore(0x20, mload(TABLE1_Y_LOC)) mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V21_LOC), p)) // accumulator_2 = u.[table1] success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) // accumulator = accumulator + accumulator_2 success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - // VALIDATE TABLE2 - { - let x := mload(TABLE2_X_LOC) - let y := mload(TABLE2_Y_LOC) - let xx := mulmod(x, x, q) - // Verification key fields verified to be on curve at contract deployment - mstore(0x00, x) - mstore(0x20, y) - } + // ACCUMULATE TABLE2 + mstore(0x00, mload(TABLE2_X_LOC)) + 
mstore(0x20, mload(TABLE2_Y_LOC)) mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V22_LOC), p)) // accumulator_2 = u.[table2] success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) // accumulator = accumulator + accumulator_2 success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - // VALIDATE TABLE3 - { - let x := mload(TABLE3_X_LOC) - let y := mload(TABLE3_Y_LOC) - let xx := mulmod(x, x, q) - // Verification key fields verified to be on curve at contract deployment - mstore(0x00, x) - mstore(0x20, y) - } + // ACCUMULATE TABLE3 + mstore(0x00, mload(TABLE3_X_LOC)) + mstore(0x20, mload(TABLE3_Y_LOC)) mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V23_LOC), p)) // accumulator_2 = u.[table3] success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) // accumulator = accumulator + accumulator_2 success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - // VALIDATE TABLE4 - { - let x := mload(TABLE4_X_LOC) - let y := mload(TABLE4_Y_LOC) - let xx := mulmod(x, x, q) - // Verification key fields verified to be on curve at contract deployment - mstore(0x00, x) - mstore(0x20, y) - } + // ACCUMULATE TABLE4 + mstore(0x00, mload(TABLE4_X_LOC)) + mstore(0x20, mload(TABLE4_Y_LOC)) mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V24_LOC), p)) // accumulator_2 = u.[table4] success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) // accumulator = accumulator + accumulator_2 success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - // VALIDATE TABLE_TYPE - { - let x := mload(TABLE_TYPE_X_LOC) - let y := mload(TABLE_TYPE_Y_LOC) - let xx := mulmod(x, x, q) - // Verification key fields verified to be on curve at contract deployment - mstore(0x00, x) - mstore(0x20, y) - } + // ACCUMULATE TABLE_TYPE + mstore(0x00, mload(TABLE_TYPE_X_LOC)) + mstore(0x20, 
mload(TABLE_TYPE_Y_LOC)) mstore(0x40, mload(C_V25_LOC)) // accumulator_2 = v25.[TableType] success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) // accumulator = accumulator + accumulator_2 success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - // VALIDATE ID1 - { - let x := mload(ID1_X_LOC) - let y := mload(ID1_Y_LOC) - let xx := mulmod(x, x, q) - // Verification key fields verified to be on curve at contract deployment - mstore(0x00, x) - mstore(0x20, y) - } + // ACCUMULATE ID1 + mstore(0x00, mload(ID1_X_LOC)) + mstore(0x20, mload(ID1_Y_LOC)) mstore(0x40, mload(C_V26_LOC)) // accumulator_2 = v26.[ID1] success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) // accumulator = accumulator + accumulator_2 success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - // VALIDATE ID2 - { - let x := mload(ID2_X_LOC) - let y := mload(ID2_Y_LOC) - let xx := mulmod(x, x, q) - // Verification key fields verified to be on curve at contract deployment - mstore(0x00, x) - mstore(0x20, y) - } + // ACCUMULATE ID2 + mstore(0x00, mload(ID2_X_LOC)) + mstore(0x20, mload(ID2_Y_LOC)) mstore(0x40, mload(C_V27_LOC)) // accumulator_2 = v27.[ID2] success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) // accumulator = accumulator + accumulator_2 success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - // VALIDATE ID3 - { - let x := mload(ID3_X_LOC) - let y := mload(ID3_Y_LOC) - let xx := mulmod(x, x, q) - // Verification key fields verified to be on curve at contract deployment - mstore(0x00, x) - mstore(0x20, y) - } + // ACCUMULATE ID3 + mstore(0x00, mload(ID3_X_LOC)) + mstore(0x20, mload(ID3_Y_LOC)) mstore(0x40, mload(C_V28_LOC)) // accumulator_2 = v28.[ID3] success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) // accumulator = accumulator + accumulator_2 
success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - // VALIDATE ID4 - { - let x := mload(ID4_X_LOC) - let y := mload(ID4_Y_LOC) - let xx := mulmod(x, x, q) - // Verification key fields verified to be on curve at contract deployment - mstore(0x00, x) - mstore(0x20, y) - } + // ACCUMULATE ID4 + mstore(0x00, mload(ID4_X_LOC)) + mstore(0x20, mload(ID4_Y_LOC)) mstore(0x40, mload(C_V29_LOC)) // accumulator_2 = v29.[ID4] success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) @@ -2792,6 +2665,7 @@ abstract contract BaseUltraVerifier { } } + contract UltraVerifier is BaseUltraVerifier { function getVerificationKeyHash() public pure override(BaseUltraVerifier) returns (bytes32) { return UltraVerificationKey.verificationKeyHash(); From a5fdbbce553d8fa348b69fa990f4c8ab2d11b475 Mon Sep 17 00:00:00 2001 From: Tom French <15848336+TomAFrench@users.noreply.github.com> Date: Sun, 17 Mar 2024 17:32:27 +0000 Subject: [PATCH 3/4] Update barretenberg/cpp/src/barretenberg/dsl/acir_proofs/contract.hpp --- barretenberg/cpp/src/barretenberg/dsl/acir_proofs/contract.hpp | 1 - 1 file changed, 1 deletion(-) diff --git a/barretenberg/cpp/src/barretenberg/dsl/acir_proofs/contract.hpp b/barretenberg/cpp/src/barretenberg/dsl/acir_proofs/contract.hpp index 1d960c92e64..76f47788258 100644 --- a/barretenberg/cpp/src/barretenberg/dsl/acir_proofs/contract.hpp +++ b/barretenberg/cpp/src/barretenberg/dsl/acir_proofs/contract.hpp @@ -2665,7 +2665,6 @@ abstract contract BaseUltraVerifier { } } - contract UltraVerifier is BaseUltraVerifier { function getVerificationKeyHash() public pure override(BaseUltraVerifier) returns (bytes32) { return UltraVerificationKey.verificationKeyHash(); From 5947852ee0ec4b50a79de849da4b1ec73e94e84f Mon Sep 17 00:00:00 2001 
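Review bot: The first hunk of PATCH 2/4 (`contract.hpp`, `@@ -2120,345 +2120,218 @@`) is a hand-applied copy of the BaseUltraVerifier.sol change in PATCH 1/4, and the copy drifts within this same series. Its second hunk adds a blank line before `contract UltraVerifier` that the .sol patch does not appear to contain (81 insertions against 80), and PATCH 3/4 exists only to remove it. For a proof verifier, the embedded text is presumably what is handed to users, so a silent difference from the reviewed .sol source matters more than a formatting slip. Consider generating `contract.hpp` from the .sol file, or adding a CI step that fails when the embedded contract body and `BaseUltraVerifier.sol` differ.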
From: Tom French Date: Sun, 17 Mar 2024 17:31:25 +0000 Subject: [PATCH 4/4] chore: standardize comments --- .../barretenberg/dsl/acir_proofs/contract.hpp | 35 +++++++++++++++++++ .../sol/src/ultra/BaseUltraVerifier.sol | 35 +++++++++++++++++++ 2 files changed, 70 insertions(+) diff --git a/barretenberg/cpp/src/barretenberg/dsl/acir_proofs/contract.hpp b/barretenberg/cpp/src/barretenberg/dsl/acir_proofs/contract.hpp index 76f47788258..d3d5d675fa5 100644 --- a/barretenberg/cpp/src/barretenberg/dsl/acir_proofs/contract.hpp +++ b/barretenberg/cpp/src/barretenberg/dsl/acir_proofs/contract.hpp @@ -2177,6 +2177,7 @@ abstract contract BaseUltraVerifier { // ACCUMULATE QC + // Verification key fields verified to be on curve at contract deployment mstore(0x00, mload(QC_X_LOC)) mstore(0x20, mload(QC_Y_LOC)) mstore(0x40, mload(C_V12_LOC)) @@ -2186,6 +2187,8 @@ abstract contract BaseUltraVerifier { success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) // ACCUMULATE QARITH + + // Verification key fields verified to be on curve at contract deployment mstore(0x00, mload(QARITH_X_LOC)) mstore(0x20, mload(QARITH_Y_LOC)) mstore(0x40, mload(C_V13_LOC)) @@ -2195,6 +2198,8 @@ abstract contract BaseUltraVerifier { success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) // ACCUMULATE QSORT + + // Verification key fields verified to be on curve at contract deployment mstore(0x00, mload(QSORT_X_LOC)) mstore(0x20, mload(QSORT_Y_LOC)) mstore(0x40, mload(C_V14_LOC)) @@ -2204,6 +2209,8 @@ abstract contract BaseUltraVerifier { success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) // ACCUMULATE QELLIPTIC + + // Verification key fields verified to be on curve at contract deployment mstore(0x00, mload(QELLIPTIC_X_LOC)) mstore(0x20, mload(QELLIPTIC_Y_LOC)) mstore(0x40, mload(C_V15_LOC)) 
@@ -2213,6 +2220,8 @@ abstract contract BaseUltraVerifier { success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) // ACCUMULATE QAUX + + // Verification key fields verified to be on curve at contract deployment mstore(0x00, mload(QAUX_X_LOC)) mstore(0x20, mload(QAUX_Y_LOC)) mstore(0x40, mload(C_V16_LOC)) @@ -2222,6 +2231,8 @@ abstract contract BaseUltraVerifier { success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) // ACCUMULATE SIGMA1 + + // Verification key fields verified to be on curve at contract deployment mstore(0x00, mload(SIGMA1_X_LOC)) mstore(0x20, mload(SIGMA1_Y_LOC)) mstore(0x40, mload(C_V17_LOC)) @@ -2231,6 +2242,8 @@ abstract contract BaseUltraVerifier { success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) // ACCUMULATE SIGMA2 + + // Verification key fields verified to be on curve at contract deployment mstore(0x00, mload(SIGMA2_X_LOC)) mstore(0x20, mload(SIGMA2_Y_LOC)) mstore(0x40, mload(C_V18_LOC)) @@ -2240,6 +2253,8 @@ abstract contract BaseUltraVerifier { success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) // ACCUMULATE SIGMA3 + + // Verification key fields verified to be on curve at contract deployment mstore(0x00, mload(SIGMA3_X_LOC)) mstore(0x20, mload(SIGMA3_Y_LOC)) mstore(0x40, mload(C_V19_LOC)) @@ -2249,6 +2264,8 @@ abstract contract BaseUltraVerifier { success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) // ACCUMULATE SIGMA4 + + // Verification key fields verified to be on curve at contract deployment mstore(0x00, mload(SIGMA4_X_LOC)) mstore(0x20, mload(SIGMA4_Y_LOC)) mstore(0x40, mload(C_V20_LOC)) 
@@ -2258,6 +2275,8 @@ abstract contract BaseUltraVerifier { success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) // ACCUMULATE TABLE1 + + // Verification key fields verified to be on curve at contract deployment mstore(0x00, mload(TABLE1_X_LOC)) mstore(0x20, mload(TABLE1_Y_LOC)) mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V21_LOC), p)) @@ -2267,6 +2286,8 @@ abstract contract BaseUltraVerifier { success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) // ACCUMULATE TABLE2 + + // Verification key fields verified to be on curve at contract deployment mstore(0x00, mload(TABLE2_X_LOC)) mstore(0x20, mload(TABLE2_Y_LOC)) mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V22_LOC), p)) @@ -2276,6 +2297,8 @@ abstract contract BaseUltraVerifier { success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) // ACCUMULATE TABLE3 + + // Verification key fields verified to be on curve at contract deployment mstore(0x00, mload(TABLE3_X_LOC)) mstore(0x20, mload(TABLE3_Y_LOC)) mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V23_LOC), p)) @@ -2285,6 +2308,8 @@ abstract contract BaseUltraVerifier { success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) // ACCUMULATE TABLE4 + + // Verification key fields verified to be on curve at contract deployment mstore(0x00, mload(TABLE4_X_LOC)) mstore(0x20, mload(TABLE4_Y_LOC)) mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V24_LOC), p)) @@ -2294,6 +2319,8 @@ abstract contract BaseUltraVerifier { success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) // ACCUMULATE TABLE_TYPE + + // Verification key fields verified to be on curve at contract deployment mstore(0x00, mload(TABLE_TYPE_X_LOC)) mstore(0x20, mload(TABLE_TYPE_Y_LOC)) mstore(0x40, mload(C_V25_LOC)) 
@@ -2303,6 +2330,8 @@ abstract contract BaseUltraVerifier { success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) // ACCUMULATE ID1 + + // Verification key fields verified to be on curve at contract deployment mstore(0x00, mload(ID1_X_LOC)) mstore(0x20, mload(ID1_Y_LOC)) mstore(0x40, mload(C_V26_LOC)) @@ -2312,6 +2341,8 @@ abstract contract BaseUltraVerifier { success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) // ACCUMULATE ID2 + + // Verification key fields verified to be on curve at contract deployment mstore(0x00, mload(ID2_X_LOC)) mstore(0x20, mload(ID2_Y_LOC)) mstore(0x40, mload(C_V27_LOC)) @@ -2321,6 +2352,8 @@ abstract contract BaseUltraVerifier { success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) // ACCUMULATE ID3 + + // Verification key fields verified to be on curve at contract deployment mstore(0x00, mload(ID3_X_LOC)) mstore(0x20, mload(ID3_Y_LOC)) mstore(0x40, mload(C_V28_LOC)) @@ -2330,6 +2363,8 @@ abstract contract BaseUltraVerifier { success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) // ACCUMULATE ID4 + + // Verification key fields verified to be on curve at contract deployment mstore(0x00, mload(ID4_X_LOC)) mstore(0x20, mload(ID4_Y_LOC)) mstore(0x40, mload(C_V29_LOC)) diff --git a/barretenberg/sol/src/ultra/BaseUltraVerifier.sol b/barretenberg/sol/src/ultra/BaseUltraVerifier.sol index a9dfa4fa632..e969bff9009 100644 --- a/barretenberg/sol/src/ultra/BaseUltraVerifier.sol +++ b/barretenberg/sol/src/ultra/BaseUltraVerifier.sol @@ -2151,6 +2151,7 @@ abstract contract BaseUltraVerifier { // ACCUMULATE QC + // Verification key fields verified to be on curve at contract deployment mstore(0x00, mload(QC_X_LOC)) mstore(0x20, mload(QC_Y_LOC)) mstore(0x40, mload(C_V12_LOC)) 
@@ -2160,6 +2161,8 @@ abstract contract BaseUltraVerifier { success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) // ACCUMULATE QARITH + + // Verification key fields verified to be on curve at contract deployment mstore(0x00, mload(QARITH_X_LOC)) mstore(0x20, mload(QARITH_Y_LOC)) mstore(0x40, mload(C_V13_LOC)) @@ -2169,6 +2172,8 @@ abstract contract BaseUltraVerifier { success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) // ACCUMULATE QSORT + + // Verification key fields verified to be on curve at contract deployment mstore(0x00, mload(QSORT_X_LOC)) mstore(0x20, mload(QSORT_Y_LOC)) mstore(0x40, mload(C_V14_LOC)) @@ -2178,6 +2183,8 @@ abstract contract BaseUltraVerifier { success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) // ACCUMULATE QELLIPTIC + + // Verification key fields verified to be on curve at contract deployment mstore(0x00, mload(QELLIPTIC_X_LOC)) mstore(0x20, mload(QELLIPTIC_Y_LOC)) mstore(0x40, mload(C_V15_LOC)) @@ -2187,6 +2194,8 @@ abstract contract BaseUltraVerifier { success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) // ACCUMULATE QAUX + + // Verification key fields verified to be on curve at contract deployment mstore(0x00, mload(QAUX_X_LOC)) mstore(0x20, mload(QAUX_Y_LOC)) mstore(0x40, mload(C_V16_LOC)) @@ -2196,6 +2205,8 @@ abstract contract BaseUltraVerifier { success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) // ACCUMULATE SIGMA1 + + // Verification key fields verified to be on curve at contract deployment mstore(0x00, mload(SIGMA1_X_LOC)) mstore(0x20, mload(SIGMA1_Y_LOC)) mstore(0x40, mload(C_V17_LOC)) 
@@ -2205,6 +2216,8 @@ abstract contract BaseUltraVerifier { success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) // ACCUMULATE SIGMA2 + + // Verification key fields verified to be on curve at contract deployment mstore(0x00, mload(SIGMA2_X_LOC)) mstore(0x20, mload(SIGMA2_Y_LOC)) mstore(0x40, mload(C_V18_LOC)) @@ -2214,6 +2227,8 @@ abstract contract BaseUltraVerifier { success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) // ACCUMULATE SIGMA3 + + // Verification key fields verified to be on curve at contract deployment mstore(0x00, mload(SIGMA3_X_LOC)) mstore(0x20, mload(SIGMA3_Y_LOC)) mstore(0x40, mload(C_V19_LOC)) @@ -2223,6 +2238,8 @@ abstract contract BaseUltraVerifier { success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) // ACCUMULATE SIGMA4 + + // Verification key fields verified to be on curve at contract deployment mstore(0x00, mload(SIGMA4_X_LOC)) mstore(0x20, mload(SIGMA4_Y_LOC)) mstore(0x40, mload(C_V20_LOC)) @@ -2232,6 +2249,8 @@ abstract contract BaseUltraVerifier { success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) // ACCUMULATE TABLE1 + + // Verification key fields verified to be on curve at contract deployment mstore(0x00, mload(TABLE1_X_LOC)) mstore(0x20, mload(TABLE1_Y_LOC)) mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V21_LOC), p)) @@ -2241,6 +2260,8 @@ abstract contract BaseUltraVerifier { success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) // ACCUMULATE TABLE2 + + // Verification key fields verified to be on curve at contract deployment mstore(0x00, mload(TABLE2_X_LOC)) mstore(0x20, mload(TABLE2_Y_LOC)) mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V22_LOC), p)) 
@@ -2250,6 +2271,8 @@ abstract contract BaseUltraVerifier { success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) // ACCUMULATE TABLE3 + + // Verification key fields verified to be on curve at contract deployment mstore(0x00, mload(TABLE3_X_LOC)) mstore(0x20, mload(TABLE3_Y_LOC)) mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V23_LOC), p)) @@ -2259,6 +2282,8 @@ abstract contract BaseUltraVerifier { success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) // ACCUMULATE TABLE4 + + // Verification key fields verified to be on curve at contract deployment mstore(0x00, mload(TABLE4_X_LOC)) mstore(0x20, mload(TABLE4_Y_LOC)) mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V24_LOC), p)) @@ -2268,6 +2293,8 @@ abstract contract BaseUltraVerifier { success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) // ACCUMULATE TABLE_TYPE + + // Verification key fields verified to be on curve at contract deployment mstore(0x00, mload(TABLE_TYPE_X_LOC)) mstore(0x20, mload(TABLE_TYPE_Y_LOC)) mstore(0x40, mload(C_V25_LOC)) @@ -2277,6 +2304,8 @@ abstract contract BaseUltraVerifier { success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) // ACCUMULATE ID1 + + // Verification key fields verified to be on curve at contract deployment mstore(0x00, mload(ID1_X_LOC)) mstore(0x20, mload(ID1_Y_LOC)) mstore(0x40, mload(C_V26_LOC)) @@ -2286,6 +2315,8 @@ abstract contract BaseUltraVerifier { success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) // ACCUMULATE ID2 + + // Verification key fields verified to be on curve at contract deployment mstore(0x00, mload(ID2_X_LOC)) mstore(0x20, mload(ID2_Y_LOC)) mstore(0x40, mload(C_V27_LOC)) 
@@ -2295,6 +2326,8 @@ abstract contract BaseUltraVerifier { success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) // ACCUMULATE ID3 + + // Verification key fields verified to be on curve at contract deployment mstore(0x00, mload(ID3_X_LOC)) mstore(0x20, mload(ID3_Y_LOC)) mstore(0x40, mload(C_V28_LOC)) @@ -2304,6 +2337,8 @@ abstract contract BaseUltraVerifier { success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) // ACCUMULATE ID4 + + // Verification key fields verified to be on curve at contract deployment mstore(0x00, mload(ID4_X_LOC)) mstore(0x20, mload(ID4_Y_LOC)) mstore(0x40, mload(C_V29_LOC))